package com.jiandian.zh.api.auth.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;


/**
 * 开启资源服务器
 *
 * @author lik
 */
@EnableAuthorizationServer

@Configuration
public class MyOauth2AuthServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private PasswordEncoder bCryptPasswordEncoder;

    @Autowired
    @Qualifier(value = "myUserDetailsServiceImpl")
    private UserDetailsService userDetailsService;

    @Autowired
    private RedisTokenStore redisTokenStore;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        // 密码模式需要authenticationManager
        endpoints.authenticationManager(authenticationManager)
                // 设置token存储在redis中
                .tokenStore(redisTokenStore)
                // 设置userdeatil，否则无法识别token中的用户信息
                .userDetailsService(userDetailsService);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        String encodePassword = bCryptPasswordEncoder.encode("123456");


        clients.inMemory()
                .withClient("jiandian")
                .secret(encodePassword)
                .accessTokenValiditySeconds(9999999)
                .authorizedGrantTypes("refresh_token" , "password")
                .scopes("all")
                .and()
                .withClient("jiandian_android")
                .secret(encodePassword)
                .accessTokenValiditySeconds(9999999)
                .authorizedGrantTypes("refresh_token" , "password")
                .scopes("all")
                .and()
                .withClient("jiandian_web")
                .secret(encodePassword)
                .accessTokenValiditySeconds(9999999)
                .authorizedGrantTypes("refresh_token" , "password")
                .scopes("all")
                .and()
                .withClient("jiandian_pc")
                .secret(encodePassword)
                .accessTokenValiditySeconds(9999999)
                .authorizedGrantTypes("refresh_token" , "password")
                .scopes("all");


    }


}
